Package Instance

reference_id

AVG-2053

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2021-26691.json

reference_url

reference_id

CVE-2021-26691

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2021-26691.json

reference_url	https://security.gentoo.org/glsa/202107-38
reference_id	GLSA-202107-38
reference_type
scores
url	https://security.gentoo.org/glsa/202107-38

reference_url	https://access.redhat.com/errata/RHSA-2021:3816
reference_id	RHSA-2021:3816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3816

reference_url	https://access.redhat.com/errata/RHSA-2021:4613
reference_id	RHSA-2021:4613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4613

reference_url	https://access.redhat.com/errata/RHSA-2021:4614
reference_id	RHSA-2021:4614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4614

reference_url	https://access.redhat.com/errata/RHSA-2022:0143
reference_id	RHSA-2022:0143
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0143

reference_url	https://usn.ubuntu.com/4994-1/
reference_id	USN-4994-1
reference_type
scores
url	https://usn.ubuntu.com/4994-1/

reference_url	https://usn.ubuntu.com/4994-2/
reference_id	USN-4994-2
reference_type
scores
url	https://usn.ubuntu.com/4994-2/

fixed_packages

url pkg:apache/httpd@2.4.48

purl pkg:apache/httpd@2.4.48

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-db6k-j9mj-e7hy

vulnerability	VCID-mtg7-8556-kbgd

vulnerability	VCID-rdtq-8ng5-53fn

vulnerability	VCID-wrw6-uzz4-rkfb

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48

aliases CVE-2021-26691

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-17hy-4ppt-xyhw

url VCID-3djp-gq4c-1fa9

vulnerability_id VCID-3djp-gq4c-1fa9

summary A limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malfomed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. We have taken this opportunity to also remove request data from many other in-built error messages. Note however this issue did not affect them directly and their output was already escaped to prevent cross-site scripting attacks.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10092

reference_id

reference_type

scores

value	0.82379
scoring_system	epss
scoring_elements	0.99216
published_at	2026-04-01T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99221
published_at	2026-04-04T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99225
published_at	2026-04-13T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99224
published_at	2026-04-07T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99218
published_at	2026-04-02T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99226
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd
reference_id
reference_type
scores
url	https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/

reference_url	https://seclists.org/bugtraq/2019/Aug/47
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Aug/47

reference_url	https://seclists.org/bugtraq/2019/Oct/24
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Oct/24

reference_url	https://security.netapp.com/advisory/ntap-20190905-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190905-0003/

reference_url	https://support.f5.com/csp/article/K30442259
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K30442259

reference_url	https://www.debian.org/security/2019/dsa-4509
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4509

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	http://www.openwall.com/lists/oss-security/2019/08/15/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/08/15/4

reference_url	http://www.openwall.com/lists/oss-security/2020/08/08/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2020/08/08/1

reference_url	http://www.openwall.com/lists/oss-security/2020/08/08/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2020/08/08/9

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1743956
reference_id	1743956
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1743956

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:::::::*
reference_id	cpe:2.3:a:oracle:secure_global_desktop:5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:::::::*
reference_id	cpe:2.3:a:oracle:secure_global_desktop:5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collection:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap::::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/
reference_id	CVE-2019-10092
reference_type	exploit
scores
url	https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md
reference_id	CVE-2019-10092
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md

reference_url

https://httpd.apache.org/security/json/CVE-2019-10092.json

reference_id

CVE-2019-10092

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-10092.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10092

reference_id

CVE-2019-10092

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10092

reference_url	https://security.gentoo.org/glsa/201909-04
reference_id	GLSA-201909-04
reference_type
scores
url	https://security.gentoo.org/glsa/201909-04

reference_url	https://access.redhat.com/errata/RHSA-2019:4126
reference_id	RHSA-2019:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4126

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4113-1/
reference_id	USN-4113-1
reference_type
scores
url	https://usn.ubuntu.com/4113-1/

fixed_packages

url pkg:apache/httpd@2.4.41

purl pkg:apache/httpd@2.4.41

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.41

aliases CVE-2019-10092

risk_score 10.0

exploitability 2.0

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3djp-gq4c-1fa9

url VCID-3wuk-hwg1-6fa6

vulnerability_id VCID-3wuk-hwg1-6fa6

summary A design error in the "ap_some_auth_required" function renders the API unusuable in httpd 2.4.x. In particular the API is documented to answering if the request required authentication but only answers if there are Require lines in the applicable configuration. Since 2.4.x Require lines are used for authorization as well and can appear in configurations even when no authentication is required and the request is entirely unrestricted. This could lead to modules using this API to allow access when they should otherwise not do so. API users should use the new ap_some_authn_required API added in 2.4.16 instead.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3185

reference_id

reference_type

scores

value	0.09491
scoring_system	epss
scoring_elements	0.92802
published_at	2026-04-01T12:55:00Z

value	0.09491
scoring_system	epss
scoring_elements	0.92809
published_at	2026-04-02T12:55:00Z

value	0.09491
scoring_system	epss
scoring_elements	0.92814
published_at	2026-04-04T12:55:00Z

value	0.09491
scoring_system	epss
scoring_elements	0.92812
published_at	2026-04-07T12:55:00Z

value	0.09491
scoring_system	epss
scoring_elements	0.92821
published_at	2026-04-08T12:55:00Z

value	0.09491
scoring_system	epss
scoring_elements	0.92825
published_at	2026-04-09T12:55:00Z

value	0.09491
scoring_system	epss
scoring_elements	0.92829
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3185

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1243888
reference_id	1243888
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1243888

reference_url

https://httpd.apache.org/security/json/CVE-2015-3185.json

reference_id

CVE-2015-3185

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2015-3185.json

reference_url	https://access.redhat.com/errata/RHSA-2015:1666
reference_id	RHSA-2015:1666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1666

reference_url	https://access.redhat.com/errata/RHSA-2015:1667
reference_id	RHSA-2015:1667
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1667

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://access.redhat.com/errata/RHSA-2017:2708
reference_id	RHSA-2017:2708
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2708

reference_url	https://access.redhat.com/errata/RHSA-2017:2709
reference_id	RHSA-2017:2709
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2709

reference_url	https://access.redhat.com/errata/RHSA-2017:2710
reference_id	RHSA-2017:2710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2710

reference_url	https://usn.ubuntu.com/2686-1/
reference_id	USN-2686-1
reference_type
scores
url	https://usn.ubuntu.com/2686-1/

fixed_packages

url pkg:apache/httpd@2.4.16

purl pkg:apache/httpd@2.4.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16

aliases CVE-2015-3185

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3wuk-hwg1-6fa6

url VCID-5xrt-1n1q-4bey

vulnerability_id VCID-5xrt-1n1q-4bey

summary In Apache HTTP Server versions 2.4.0 to 2.4.41 some mod_rewrite configurations vulnerable to open redirect.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1927.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1927.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1927

reference_id

reference_type

scores

value	0.11302
scoring_system	epss
scoring_elements	0.93495
published_at	2026-04-01T12:55:00Z

value	0.11302
scoring_system	epss
scoring_elements	0.93527
published_at	2026-04-12T12:55:00Z

value	0.11302
scoring_system	epss
scoring_elements	0.93511
published_at	2026-04-07T12:55:00Z

value	0.11302
scoring_system	epss
scoring_elements	0.93519
published_at	2026-04-08T12:55:00Z

value	0.11302
scoring_system	epss
scoring_elements	0.93522
published_at	2026-04-09T12:55:00Z

value	0.11302
scoring_system	epss
scoring_elements	0.93528
published_at	2026-04-13T12:55:00Z

value	0.11302
scoring_system	epss
scoring_elements	0.93504
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1927

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/

reference_url	https://security.netapp.com/advisory/ntap-20200413-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200413-0002/

reference_url	https://www.debian.org/security/2020/dsa-4757
reference_id
reference_type
scores
url	https://www.debian.org/security/2020/dsa-4757

reference_url	https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	http://www.openwall.com/lists/oss-security/2020/04/03/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2020/04/03/1

reference_url	http://www.openwall.com/lists/oss-security/2020/04/04/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2020/04/04/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1820761
reference_id	1820761
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1820761

reference_url	https://security.archlinux.org/ASA-202004-14
reference_id	ASA-202004-14
reference_type
scores
url	https://security.archlinux.org/ASA-202004-14

reference_url

reference_id

AVG-1126

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2020-1927.json

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack::::::::
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sd-wan_aware:8.2:::::::*
reference_id	cpe:2.3:a:oracle:sd-wan_aware:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sd-wan_aware:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
reference_id	cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:::::::*
reference_id	cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:32:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

reference_id

CVE-2020-1927

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2020-1927.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1927

reference_id

CVE-2020-1927

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1927

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:2263
reference_id	RHSA-2020:2263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2263

reference_url	https://access.redhat.com/errata/RHSA-2020:3958
reference_id	RHSA-2020:3958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3958

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4458-1/
reference_id	USN-4458-1
reference_type
scores
url	https://usn.ubuntu.com/4458-1/

fixed_packages

url	pkg:apache/httpd@2.4.42
purl	pkg:apache/httpd@2.4.42
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.42

aliases CVE-2020-1927

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xrt-1n1q-4bey

url VCID-66k7-maf9-dfcd

vulnerability_id VCID-66k7-maf9-dfcd

summary Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35452.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35452.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35452

reference_id

reference_type

scores

value	0.10695
scoring_system	epss
scoring_elements	0.93289
published_at	2026-04-01T12:55:00Z

value	0.10695
scoring_system	epss
scoring_elements	0.93319
published_at	2026-04-13T12:55:00Z

value	0.10695
scoring_system	epss
scoring_elements	0.93315
published_at	2026-04-09T12:55:00Z

value	0.10695
scoring_system	epss
scoring_elements	0.9332
published_at	2026-04-11T12:55:00Z

value	0.10695
scoring_system	epss
scoring_elements	0.93318
published_at	2026-04-12T12:55:00Z

value	0.10695
scoring_system	epss
scoring_elements	0.93297
published_at	2026-04-02T12:55:00Z

value	0.10695
scoring_system	epss
scoring_elements	0.93303
published_at	2026-04-04T12:55:00Z

value	0.10695
scoring_system	epss
scoring_elements	0.93302
published_at	2026-04-07T12:55:00Z

value	0.10695
scoring_system	epss
scoring_elements	0.93311
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35452

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1966724
reference_id	1966724
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1966724

reference_url

reference_id

AVG-2053

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2020-35452.json

reference_url

reference_id

CVE-2020-35452

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2020-35452.json

reference_url	https://security.gentoo.org/glsa/202107-38
reference_id	GLSA-202107-38
reference_type
scores
url	https://security.gentoo.org/glsa/202107-38

reference_url	https://access.redhat.com/errata/RHSA-2021:4613
reference_id	RHSA-2021:4613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4613

reference_url	https://access.redhat.com/errata/RHSA-2021:4614
reference_id	RHSA-2021:4614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4614

reference_url	https://access.redhat.com/errata/RHSA-2022:1915
reference_id	RHSA-2022:1915
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1915

reference_url	https://usn.ubuntu.com/4994-1/
reference_id	USN-4994-1
reference_type
scores
url	https://usn.ubuntu.com/4994-1/

reference_url	https://usn.ubuntu.com/4994-2/
reference_id	USN-4994-2
reference_type
scores
url	https://usn.ubuntu.com/4994-2/

fixed_packages

url pkg:apache/httpd@2.4.48

purl pkg:apache/httpd@2.4.48

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-db6k-j9mj-e7hy

vulnerability	VCID-mtg7-8556-kbgd

vulnerability	VCID-rdtq-8ng5-53fn

vulnerability	VCID-wrw6-uzz4-rkfb

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48

aliases CVE-2020-35452

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66k7-maf9-dfcd

url VCID-91u7-vh6n-v7fm

vulnerability_id VCID-91u7-vh6n-v7fm

summary Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13938.json

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13938.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13938

reference_id

reference_type

scores

value	0.00071
scoring_system	epss
scoring_elements	0.21778
published_at	2026-04-01T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21808
published_at	2026-04-13T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21906
published_at	2026-04-11T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21866
published_at	2026-04-12T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21943
published_at	2026-04-02T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21997
published_at	2026-04-04T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21761
published_at	2026-04-07T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21839
published_at	2026-04-08T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21894
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13938

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1970006
reference_id	1970006
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1970006

reference_url

https://security.archlinux.org/AVG-2054

reference_id

AVG-2054

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2054

reference_url

https://httpd.apache.org/security/json/CVE-2020-13938.json

reference_id

CVE-2020-13938

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2020-13938.json

fixed_packages

url pkg:apache/httpd@2.4.48

purl pkg:apache/httpd@2.4.48

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-db6k-j9mj-e7hy

vulnerability	VCID-mtg7-8556-kbgd

vulnerability	VCID-rdtq-8ng5-53fn

vulnerability	VCID-wrw6-uzz4-rkfb

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48

aliases CVE-2020-13938

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91u7-vh6n-v7fm

url VCID-auhk-ppv5-buaa

vulnerability_id VCID-auhk-ppv5-buaa

summary in Apache HTTP Server versions 2.4.0 to 2.4.41, mod_proxy_ftp use of uninitialized value with malicious FTP backend.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1934

reference_id

reference_type

scores

value	0.38657
scoring_system	epss
scoring_elements	0.97221
published_at	2026-04-01T12:55:00Z

value	0.38657
scoring_system	epss
scoring_elements	0.97248
published_at	2026-04-13T12:55:00Z

value	0.38657
scoring_system	epss
scoring_elements	0.97233
published_at	2026-04-07T12:55:00Z

value	0.38657
scoring_system	epss
scoring_elements	0.97242
published_at	2026-04-08T12:55:00Z

value	0.38657
scoring_system	epss
scoring_elements	0.97243
published_at	2026-04-09T12:55:00Z

value	0.38657
scoring_system	epss
scoring_elements	0.97247
published_at	2026-04-11T12:55:00Z

value	0.38657
scoring_system	epss
scoring_elements	0.97227
published_at	2026-04-02T12:55:00Z

value	0.38657
scoring_system	epss
scoring_elements	0.97232
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/

reference_url	https://security.netapp.com/advisory/ntap-20200413-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200413-0002/

reference_url	https://www.debian.org/security/2020/dsa-4757
reference_id
reference_type
scores
url	https://www.debian.org/security/2020/dsa-4757

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1820772
reference_id	1820772
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1820772

reference_url	https://security.archlinux.org/ASA-202004-14
reference_id	ASA-202004-14
reference_type
scores
url	https://security.archlinux.org/ASA-202004-14

reference_url

reference_id

AVG-1126

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2020-1934.json

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack::::::::
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
reference_id	cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:32:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

reference_id

CVE-2020-1934

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2020-1934.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1934

reference_id

CVE-2020-1934

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1934

reference_url	https://access.redhat.com/errata/RHSA-2020:2644
reference_id	RHSA-2020:2644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2644

reference_url	https://access.redhat.com/errata/RHSA-2020:2646
reference_id	RHSA-2020:2646
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2646

reference_url	https://access.redhat.com/errata/RHSA-2020:3958
reference_id	RHSA-2020:3958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3958

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4458-1/
reference_id	USN-4458-1
reference_type
scores
url	https://usn.ubuntu.com/4458-1/

fixed_packages

url	pkg:apache/httpd@2.4.42
purl	pkg:apache/httpd@2.4.42
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.42

aliases CVE-2020-1934

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-auhk-ppv5-buaa

url VCID-bvkg-nrwd-e7g8

vulnerability_id VCID-bvkg-nrwd-e7g8

summary Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26690.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26690.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-26690

reference_id

reference_type

scores

value	0.70379
scoring_system	epss
scoring_elements	0.98675
published_at	2026-04-02T12:55:00Z

value	0.70379
scoring_system	epss
scoring_elements	0.98687
published_at	2026-04-13T12:55:00Z

value	0.70379
scoring_system	epss
scoring_elements	0.98682
published_at	2026-04-08T12:55:00Z

value	0.70379
scoring_system	epss
scoring_elements	0.98683
published_at	2026-04-09T12:55:00Z

value	0.70379
scoring_system	epss
scoring_elements	0.98685
published_at	2026-04-12T12:55:00Z

value	0.70379
scoring_system	epss
scoring_elements	0.98678
published_at	2026-04-04T12:55:00Z

value	0.70379
scoring_system	epss
scoring_elements	0.98681
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-26690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1966729
reference_id	1966729
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1966729

reference_url

reference_id

AVG-2053

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2021-26690.json

reference_url

reference_id

CVE-2021-26690

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2021-26690.json

reference_url	https://security.gentoo.org/glsa/202107-38
reference_id	GLSA-202107-38
reference_type
scores
url	https://security.gentoo.org/glsa/202107-38

reference_url	https://access.redhat.com/errata/RHSA-2021:4257
reference_id	RHSA-2021:4257
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4257

reference_url	https://access.redhat.com/errata/RHSA-2021:4613
reference_id	RHSA-2021:4613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4613

reference_url	https://access.redhat.com/errata/RHSA-2021:4614
reference_id	RHSA-2021:4614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4614

reference_url	https://usn.ubuntu.com/4994-1/
reference_id	USN-4994-1
reference_type
scores
url	https://usn.ubuntu.com/4994-1/

reference_url	https://usn.ubuntu.com/4994-2/
reference_id	USN-4994-2
reference_type
scores
url	https://usn.ubuntu.com/4994-2/

fixed_packages

url pkg:apache/httpd@2.4.48

purl pkg:apache/httpd@2.4.48

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-db6k-j9mj-e7hy

vulnerability	VCID-mtg7-8556-kbgd

vulnerability	VCID-rdtq-8ng5-53fn

vulnerability	VCID-wrw6-uzz4-rkfb

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48

aliases CVE-2021-26690

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bvkg-nrwd-e7g8

url VCID-ct26-19cq-8kd7

vulnerability_id VCID-ct26-19cq-8kd7

summary In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-17199

reference_id

reference_type

scores

value	0.10459
scoring_system	epss
scoring_elements	0.93208
published_at	2026-04-01T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93236
published_at	2026-04-13T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.9322
published_at	2026-04-07T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93228
published_at	2026-04-08T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93233
published_at	2026-04-09T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93237
published_at	2026-04-11T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93234
published_at	2026-04-12T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93217
published_at	2026-04-02T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93222
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html

reference_url	https://seclists.org/bugtraq/2019/Apr/5
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Apr/5

reference_url	https://security.gentoo.org/glsa/201903-21
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201903-21

reference_url	https://security.netapp.com/advisory/ntap-20190125-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190125-0001/

reference_url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
reference_id
reference_type
scores
url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us

reference_url	https://www.debian.org/security/2019/dsa-4422
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4422

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url	https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2019-09

reference_url	http://www.securityfocus.com/bid/106742
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106742

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1668493
reference_id	1668493
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1668493

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303
reference_id	920303
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303

reference_url	https://security.archlinux.org/ASA-201901-14
reference_id	ASA-201901-14
reference_type
scores
url	https://security.archlinux.org/ASA-201901-14

reference_url

https://security.archlinux.org/AVG-857

reference_id

AVG-857

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-857

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*
reference_id	cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2018-17199.json

reference_id

CVE-2018-17199

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2018-17199.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-17199

reference_id

CVE-2018-17199

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-17199

reference_url	https://access.redhat.com/errata/RHSA-2019:3932
reference_id	RHSA-2019:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3932

reference_url	https://access.redhat.com/errata/RHSA-2019:3933
reference_id	RHSA-2019:3933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3933

reference_url	https://access.redhat.com/errata/RHSA-2019:3935
reference_id	RHSA-2019:3935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3935

reference_url	https://access.redhat.com/errata/RHSA-2019:4126
reference_id	RHSA-2019:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4126

reference_url	https://access.redhat.com/errata/RHSA-2020:1121
reference_id	RHSA-2020:1121
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1121

reference_url	https://access.redhat.com/errata/RHSA-2021:1809
reference_id	RHSA-2021:1809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1809

reference_url	https://usn.ubuntu.com/3937-1/
reference_id	USN-3937-1
reference_type
scores
url	https://usn.ubuntu.com/3937-1/

fixed_packages

url pkg:apache/httpd@2.4.38

purl pkg:apache/httpd@2.4.38

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-4sss-a8ne-kqbc

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7vfk-1dwm-xbbt

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-t67v-c4gx-ukbj

vulnerability	VCID-ugdv-apr8-g3bz

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.38

aliases CVE-2018-17199

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ct26-19cq-8kd7

url VCID-h6kk-81jx-h7b8

vulnerability_id VCID-h6kk-81jx-h7b8

summary Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10098

reference_id

reference_type

scores

value	0.80306
scoring_system	epss
scoring_elements	0.99111
published_at	2026-04-01T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.99114
published_at	2026-04-04T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.99119
published_at	2026-04-11T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.99117
published_at	2026-04-07T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.99112
published_at	2026-04-02T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.9912
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	http://www.openwall.com/lists/oss-security/2020/04/01/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2020/04/01/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1743959
reference_id	1743959
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1743959

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/
reference_id	CVE-2019-10098
reference_type	exploit
scores
url	https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md
reference_id	CVE-2019-10098
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md

reference_url

https://httpd.apache.org/security/json/CVE-2019-10098.json

reference_id

CVE-2019-10098

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-10098.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10098

reference_id

CVE-2019-10098

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10098

reference_url	https://security.gentoo.org/glsa/201909-04
reference_id	GLSA-201909-04
reference_type
scores
url	https://security.gentoo.org/glsa/201909-04

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:2263
reference_id	RHSA-2020:2263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2263

reference_url	https://access.redhat.com/errata/RHSA-2020:3958
reference_id	RHSA-2020:3958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3958

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4113-1/
reference_id	USN-4113-1
reference_type
scores
url	https://usn.ubuntu.com/4113-1/

fixed_packages

url pkg:apache/httpd@2.4.41

purl pkg:apache/httpd@2.4.41

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.41

aliases CVE-2019-10098

risk_score 10.0

exploitability 2.0

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6kk-81jx-h7b8

url VCID-uwqg-yytc-vfae

vulnerability_id VCID-uwqg-yytc-vfae

summary When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0220

reference_id

reference_type

scores

value	0.20275
scoring_system	epss
scoring_elements	0.95478
published_at	2026-04-01T12:55:00Z

value	0.20275
scoring_system	epss
scoring_elements	0.95514
published_at	2026-04-13T12:55:00Z

value	0.20275
scoring_system	epss
scoring_elements	0.95507
published_at	2026-04-09T12:55:00Z

value	0.20275
scoring_system	epss
scoring_elements	0.95512
published_at	2026-04-11T12:55:00Z

value	0.20275
scoring_system	epss
scoring_elements	0.95513
published_at	2026-04-12T12:55:00Z

value	0.20275
scoring_system	epss
scoring_elements	0.95488
published_at	2026-04-02T12:55:00Z

value	0.20275
scoring_system	epss
scoring_elements	0.95494
published_at	2026-04-04T12:55:00Z

value	0.20275
scoring_system	epss
scoring_elements	0.95498
published_at	2026-04-07T12:55:00Z

value	0.20275
scoring_system	epss
scoring_elements	0.95505
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0220

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1695036
reference_id	1695036
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1695036

reference_url	https://security.archlinux.org/ASA-201904-3
reference_id	ASA-201904-3
reference_type
scores
url	https://security.archlinux.org/ASA-201904-3

reference_url

reference_id

AVG-946

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-0220.json

reference_url

reference_id

CVE-2019-0220

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-0220.json

reference_url	https://access.redhat.com/errata/RHSA-2019:2343
reference_id	RHSA-2019:2343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2343

reference_url	https://access.redhat.com/errata/RHSA-2019:3436
reference_id	RHSA-2019:3436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3436

reference_url	https://access.redhat.com/errata/RHSA-2019:4126
reference_id	RHSA-2019:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4126

reference_url	https://access.redhat.com/errata/RHSA-2020:0250
reference_id	RHSA-2020:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0250

reference_url	https://access.redhat.com/errata/RHSA-2020:0251
reference_id	RHSA-2020:0251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0251

reference_url	https://usn.ubuntu.com/3937-1/
reference_id	USN-3937-1
reference_type
scores
url	https://usn.ubuntu.com/3937-1/

fixed_packages

url pkg:apache/httpd@2.4.39

purl pkg:apache/httpd@2.4.39

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-t67v-c4gx-ukbj

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.39

aliases CVE-2019-0220

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwqg-yytc-vfae

url VCID-w6p6-u8ku-k3f6

vulnerability_id VCID-w6p6-u8ku-k3f6

summary In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0217

reference_id

reference_type

scores

value	0.43022
scoring_system	epss
scoring_elements	0.97464
published_at	2026-04-01T12:55:00Z

value	0.43022
scoring_system	epss
scoring_elements	0.97488
published_at	2026-04-13T12:55:00Z

value	0.43022
scoring_system	epss
scoring_elements	0.97475
published_at	2026-04-07T12:55:00Z

value	0.43022
scoring_system	epss
scoring_elements	0.97481
published_at	2026-04-08T12:55:00Z

value	0.43022
scoring_system	epss
scoring_elements	0.97482
published_at	2026-04-09T12:55:00Z

value	0.43022
scoring_system	epss
scoring_elements	0.97485
published_at	2026-04-11T12:55:00Z

value	0.43022
scoring_system	epss
scoring_elements	0.97487
published_at	2026-04-12T12:55:00Z

value	0.43022
scoring_system	epss
scoring_elements	0.97471
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/

reference_url	https://seclists.org/bugtraq/2019/Apr/5
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Apr/5

reference_url	https://security.netapp.com/advisory/ntap-20190423-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190423-0001/

reference_url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
reference_id
reference_type
scores
url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us

reference_url	https://www.debian.org/security/2019/dsa-4422
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4422

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	http://www.openwall.com/lists/oss-security/2019/04/02/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/04/02/5

reference_url	http://www.securityfocus.com/bid/107668
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107668

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1695020
reference_id	1695020
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1695020

reference_url	https://security.archlinux.org/ASA-201904-3
reference_id	ASA-201904-3
reference_type
scores
url	https://security.archlinux.org/ASA-201904-3

reference_url

reference_id

AVG-946

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url